Executive Briefings

U.S Agencies May Be Barred from Buying IT from Vendors Affiliated with Chinese Government

By: Computerworld 04.02.2013

Certain U.S. federal agencies could be hindered from buying information technology systems made by companies with links to the Chinese government under the new funding law signed by President Barack Obama.

U.S. authorities will vet all IT system purchases made from the Commerce and Justice Departments, NASA and the National Science Foundation for possible security risks, according to section 516 of the new law.

"Cyber-espionage or sabotage" risks will be taken into account, along with the IT system being "produced, manufactured, or assembled" by companies that are owned, directed or funded by the Chinese government. IT systems that are found to be of "national interest" can then be brought before U.S. lawmakers for appropriation.

The funding law only extends until Sept. 30. But the inclusion of the security checks comes as China's is being increasingly blamed for hacking attacks against international companies. The most recent allegations have come from a U.S. security firm, which has said its traced an overwhelming number of cyber attacks to a possible military unit of China's People's Liberation Army.

Last year, a U.S. congressional committee concluded that telecommunication equipment suppliers Huawei Technologies and ZTE, could be influenced by the Chinese government to undermine U.S. security. Both the U.S. government and U.S. firms should buy from other vendors, the committee advised.

But the new security checks included in the U.S. funding law could affect a whole host of technology vendors with ties to China. One of those is Chinese PC maker Lenovo, which acquired the ThinkPad line from IBM in 2005.

U.S. authorities will vet all IT system purchases made from the Commerce and Justice Departments, NASA and the National Science Foundation for possible security risks, according to section 516 of the new law.

"Cyber-espionage or sabotage" risks will be taken into account, along with the IT system being "produced, manufactured, or assembled" by companies that are owned, directed or funded by the Chinese government. IT systems that are found to be of "national interest" can then be brought before U.S. lawmakers for appropriation.

The funding law only extends until Sept. 30. But the inclusion of the security checks comes as China's is being increasingly blamed for hacking attacks against international companies. The most recent allegations have come from a U.S. security firm, which has said its traced an overwhelming number of cyber attacks to a possible military unit of China's People's Liberation Army.

Last year, a U.S. congressional committee concluded that telecommunication equipment suppliers Huawei Technologies and ZTE, could be influenced by the Chinese government to undermine U.S. security. Both the U.S. government and U.S. firms should buy from other vendors, the committee advised.

But the new security checks included in the U.S. funding law could affect a whole host of technology vendors with ties to China. One of those is Chinese PC maker Lenovo, which acquired the ThinkPad line from IBM in 2005.